[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Re: [RHSA-1999:017-01] Potential security problem in Red Hat 6.0
From:       sillyhead <cdale () HOME ! ISOLNET ! COM>
Date:       1999-06-25 19:17:53
[Download RAW message or body]

Hi!
If you will read further down, you will see this:
7. Problem description:
A change to 32 bit uid_t's within glibc 2.0.x
has opened a potential hole in root-squashing.
sillyhead


On Fri, 25 Jun 1999, Andreas Bogk wrote:

> Raymond Dijkxhoorn <raymond@THRIJSWIJK.NL> writes:
>
> > 7. Problem description:
> >
> > Several potential buffer overruns have been corrected within the net-tools
> > package.
>
> Very helpful. I'm running LinuxPPC here, which is partly based on
> RedHat. Could someone from RedHat please identify the programs in
> question, their version numbers, the history of the code or something
> else which allows me to find out whether I'm affected or not?
>
> No, Im not asking "gimme the xpl0itz". Far from it. But such
> announcements just don't help me. Instead they give me the uneasy
> feeling that out there are people which know about a security problem
> on my machine and don't tell me about it.
>
> Andreas
>
> --
> "We show that all proposed quantum bit commitment schemes are insecure because
> the sender, Alice, can almost always cheat successfully by using an
> Einstein-Podolsky-Rosen type of attack and delaying her measurement until she
> opens her commitment." ( http://xxx.lanl.gov/abs/quant-ph/9603004 )
>

[prev in list] [next in list] [prev in thread] [next in thread]